Lawsuit Against Keyw Alleges Security Breaches, Data Removal, Violations Of Security Policy

|
 |  About: KEYW Holding (KEYW), Includes: XLS
by: The Pump Stopper

Summary

This lawsuit indicates KEYW is coming apart at the seams internally with credibility and ethical standards called into question.

Allegations against KEYW include Unlawful security breaches, Data Removal, Violations of Security Policy and more. These allegations are the worst possible behavior I can imagine for a security company.

The lifeblood of any security company is it's integrity. With KEYW's reputation damaged in a close-knit defense community I wonder: who will want to hire KEYW?

KEYW had to settle this suit for $4.8m and, since KEYW apparently couldn't afford any other option, had to pay the settlement in installments.

The final settlement payment will further stress KEYW's leveraged balance sheet this next quarter.

Lawsuit Against Keyw Corp (NASDAQ:KEYW) Alleges Unlawful, Security Breaches, Data Removal, Violations of Security Policy: Is KEYW Co. Riskier Than the Threats It Claims to Stop?

In this Part 2 of my 3 part report (Part 1 is here) I show not only is KEYW facing imminent bankruptcy risk but this lawsuit also clearly demonstrates to me KEYW is coming apart at the seams internally as both their credibility and ethical standards are called into question. Both are the lifeblood of any security company and the risks here cannot be overstated.

KEYW: Could This Company Collapse into Bankruptcy?

This shocking lawsuit (full lawsuit document shared in full below) was filed by military powerhouse Exelis (NYSE:XLS) against KEYW and named individuals. This lawsuit reads like a James Bond 007 movie given the high profile nature of working with government and military customers. Keep in mind the context of government or military security work as you read.

This document alleges KEYW unlawfully conspired with internal employees at Exelis to:

  • Attempted to cripple the microelectronics work provided to a government customer of Exelis
  • Took confidential and proprietary information on hard drives, including design files and work instructions from Exelis and customer
  • Shared an Exelis customer's internal proprietary information with another different customer without authorization
  • Took computers with internal information
  • Shared internal and proprietary customer information using unsecure personal Gmail accounts
  • Attempted to delete usernames and data files
  • Violated security policies
  • "...misuse and misappropriation of confidential, proprietary and trade secret information; breach of fiduciary duty; deceit and deception" - a direct quote from the lawsuit
  • While also attempting to transfer a contract/customer away from their employer at the time to KEYW
  • KEYW had to settle this lawsuit for $4.8m plus KEYW apparently couldn't even afford to pay it, instead having to pay the settlement in installments. Both very telling…

How can a defense company be trusted if it allegedly takes secret information from its clients and sabotages customer projects? There are precious few government offices for a company like KEYW to work with. What happens if KEYW's reputation is ruined with these customers or the government and military community? These egregious allegations are the worst possible behaviors I can imagine for a security company.

As already demonstrated, KEYW is NOT a software or tech company. KEYW is primarily a government subcontractor whose useful assets are the credibility and quality of its employees - a fact management has highlighted many times in the past. Therefore, I am shocked no KEYW shareholders seem to be discussing this incriminating lawsuit filed against KEYW and named current KEYW employees Herschel Johnson, John Moses, Wayne Thayer, Kevin Rose, Erik Hampson and Bryan Charboneau.

FULL LAWSUIT SHARED IN FULL HERE FOR THE PUBLIC GOOD.

A few particularly shocking direct quotes from this lawsuit (emphasis mine):

1. "The introduction of the Transition Plan brazenly asks and answers a series of questions, which form a "game plan" to cripple the microelectronics work the Individual Defendants provided to government customers while at EVI and Exelis"

a. My interpretation of the lawsuit is these current KEYW employees allegedly conspired to deliberately cripple the customer's project with Exelis. According to the lawsuit, this was part of a bigger plan for KEYW and named individuals to then take this, now failing project, from Exelis and move that business to KEYW.

b. What kind of employees of a military and US government contractor deliberately conspire to ensure the failure of their customer?! Would YOU want these employees working with the US government or military?

2. "...on his last day of employment, January 9, 2013, Rose (named as currently KEYW employee) prepared and attempted to transfer 259 GB of proprietary data related to two HH-K1 programs to an employee of the Maryland Customer on an external hard drive..."

a. "The external hard drive included proprietary information…"

b. If this is a government customer, I think it is completely unacceptable that some KEYW employee thought it was "ok" to remove, without authorization, 259GB of proprietary government information and then just walk around with it.

3. "Upon information and belief, Charboneau {a named KEYW employee} downloaded Exelis confidential and proprietary information and/or trade secrets… [M]any of the files accessed by Charboneau were then overwritten and/or deleted. Moreover, an apparent attempt was made to delete user profiles of Charboneaus's laptop computer."

4. "[O]n his last day of employment, January 4, 2013, Thayer [a named KEYW employee] removed two laptop ("SCIF Laptops") computers containing unclassified but confidential and proprietary information from EVI's SCIF without authorization…"

5. "Exelis has also learned that on or about January 3, 2013, Rose delivered CP-K2 hardware and data (that belonged to Virginia Customer) to Employee Z of the Maryland customer. This delivery was made without proper request from Virginia Customer's … and in direct violation of security policies and procedures"

a. Allegedly delivering hardware and data directly from one customer to an employee of another customer? = WOW! Even the worst computer viruses can't lift your software AND hardware from you!

6. "Moses forwarded Exelis proprietary information from his Exelis email account to his personal email address jfmoses7@Gmail.com" "Defendants utilized their personal email accounts to further their conspiracy"

a. How can that possibly be considered secure? Was private information put at risk?

b. "..contained sensitive and proprietary Exelis proposal data, including both technical and costing information"

7. "The USB drive also included proprietary information belonging to Exelis and additional, sensitive DS-T4 data..."

a. "data disseminated… includes internal EVI engineering design documents…"

b. "these compact disks contained information and data that belonged to Exelis and that was of a confidential and proprietary nature."

c. "Additionally, the USB drive contained… design files for circuit boards, and full user directories (in other words, every document generated) for six users on an EVI project."

d. "processing information concerning how Exelis builds microelectronics components, and no less than 30 sets of work instructions"

8. "[C]ausing breaches and terminations of those contracts, using improper methods including, but not limited to: misuse and misappropriation of confidential, proprietary and trade secret information; breach of fiduciary duty; deceit and deception..."

What kind of government office is going to allow KEYW and employees like this deep into their confidential and proprietary information? With this in mind, is it a surprise KEYW now faces declining revenue with a leveraged balance sheet?

How much of KEYW's 19% decline in government business in the most recent quarter is attributable to customers pulling away from the company as a result of this egregious lawsuit?

If KEYW, with Herschel L. Johnson, John F. Moses, Wayne S. Thayer, Kevin A. Rose, Erik Hampson and Bryan C. Charboneau, were involved in allegations like this how can they ever be trusted with anything? Let alone confidential and proprietary government customer information? I highly recommend you read this whole lawsuit.

I find it ironic that a self-proclaimed "security expert" like KEYW is allegedly complicit in creating a security breach with people who allegedly took confidential and proprietary information while using their unsecure personal Gmail accounts. KEYW investors who do not read and understand this lawsuit do so at their own risk. KEYW investors are clearly missing both the explosive bankruptcy risk and internal collapse risk due to weak KEYW corporate culture staring shareholders in the face. I believe this lawsuit may result in continued revenue loss for KEYW as it circulates more widely among the defense community.

KEYW Management Response:

I reached out to KEYW management multiple times to discuss my concerns and received no response. I view it as a negative when management of publicly traded companies do not respond to investor inquiries.

I reiterate my opinion and my 9.1/10 rating on THE PUMP SCALE for KEYW with my call for an immediate flushing of the entire KEYW management team as my preferred outcome for shareholders and the good ol' U S of A.

Disclosure: I am short KEYW. I wrote this article myself, and it expresses my own opinions. I am not receiving compensation for it. I have no business relationship with any company whose stock is mentioned in this article.